Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
File:                     oYNGitFuaZjU23dpvvv6BuofE0I.mft (raw, json)
Hash identifier:          OJIiQFZvng+Z0uN78Aq102PEwihT2jPb8mAhz33LcM4=
Subject key identifier:   06:79:7C:FE:4A:54:78:23:93:84:EF:CE:70:A8:DE:47:F9:27:50:9E
Authority key identifier: A1:83:46:8A:D1:6E:69:98:D4:DB:77:69:BE:FB:FA:06:EA:1F:13:42
Certificate issuer:       /CN=a183468ad16e6998d4db7769befbfa06ea1f1342
Certificate serial:       019CAE350265B7374D7DEA2D29839F7A72AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
Manifest number:          11C3
Signing time:             Mon 02 Mar 2026 11:00:35 +0000
Manifest this update:     Mon 02 Mar 2026 11:00:35 +0000
Manifest next update:     Tue 03 Mar 2026 11:00:35 +0000
Files and hashes:         1: oYNGitFuaZjU23dpvvv6BuofE0I.crl (hash: LRzAAaLZ5+hfCPTeG1DNX5mZltmW8eHWgxWlvmzlWSE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 11:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:35:02:65:b7:37:4d:7d:ea:2d:29:83:9f:7a:72:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a183468ad16e6998d4db7769befbfa06ea1f1342
        Validity
            Not Before: Mar  2 11:00:35 2026 GMT
            Not After : Mar  3 11:00:35 2026 GMT
        Subject: CN=06797cfe4a5478239384efce70a8de47f927509e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:22:f8:46:fe:63:d0:39:e8:2f:27:cb:c8:e5:
                    21:e7:4d:8d:31:90:29:47:39:a2:1d:cb:70:48:96:
                    15:8e:08:6f:8c:94:ce:b1:e3:26:8c:54:82:5e:54:
                    ea:fe:15:fc:16:97:ab:6a:81:99:f2:a8:08:14:a1:
                    5d:23:cb:42:5b:1c:8d:c0:f4:54:b7:82:70:b4:f3:
                    67:8f:8a:11:89:3f:a8:f0:46:27:dc:90:c5:41:38:
                    a0:3c:74:59:fa:77:b0:28:d2:fc:a9:44:9b:48:1b:
                    0c:3f:8a:f4:7c:ee:df:db:1c:63:51:e5:b6:43:a3:
                    c9:05:cc:fa:cb:db:d8:76:5f:dc:12:7e:96:eb:ff:
                    41:1a:aa:d4:87:39:e7:d9:40:bb:e3:df:f2:a1:38:
                    e4:41:62:e4:77:4f:b0:a9:9a:2f:31:f3:9a:b5:78:
                    c6:ed:f1:d5:36:6f:01:63:87:5b:b9:c5:01:3e:7e:
                    1c:83:29:e9:69:24:81:cc:c6:5e:87:9e:fb:ac:d8:
                    34:a8:37:03:c2:44:d7:eb:9f:92:fc:cc:db:cf:06:
                    33:30:b9:95:8a:5b:3b:52:1c:42:71:39:da:9b:e9:
                    b5:cd:71:6c:0e:37:36:92:35:db:38:16:1f:24:fb:
                    78:e7:38:1b:43:e7:f0:d6:d4:5e:e0:34:64:04:9c:
                    85:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:79:7C:FE:4A:54:78:23:93:84:EF:CE:70:A8:DE:47:F9:27:50:9E
            X509v3 Authority Key Identifier:
                keyid:A1:83:46:8A:D1:6E:69:98:D4:DB:77:69:BE:FB:FA:06:EA:1F:13:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:91:19:09:99:79:41:0f:be:23:32:6b:5f:4e:89:c6:0b:8f:
         60:92:45:4e:1a:5c:14:2b:bd:01:b9:66:c6:d1:b0:ff:38:15:
         53:34:1e:99:2d:c1:89:ef:d0:a2:d1:3c:52:76:1e:e3:26:6b:
         04:ab:99:19:a8:f8:71:25:1b:53:fb:fc:ba:9e:1e:15:5e:a9:
         64:77:7e:ef:49:c5:5a:f5:fa:83:71:ce:98:03:21:76:6c:ad:
         b2:37:6b:5c:d5:6c:e1:c4:b4:43:97:9a:7d:59:c4:55:85:55:
         a1:1c:5c:d1:85:a5:f9:67:01:81:7c:1c:64:df:d7:1f:39:00:
         95:a2:07:cc:59:21:00:71:0a:39:91:01:4d:f4:2b:de:bd:d9:
         81:47:0e:7b:05:1f:2c:57:d6:d8:e3:eb:06:a6:22:4a:0c:38:
         d7:26:25:7c:9d:0a:5d:dc:62:23:64:a5:86:0c:7f:ba:b3:5a:
         bc:34:a3:7f:fc:08:9c:8e:79:2a:2d:7b:a8:53:a4:48:68:f4:
         f7:12:97:ff:1e:45:30:74:e1:34:ff:dd:35:a0:d7:b3:34:5b:
         14:7b:81:87:47:26:01:fb:d4:26:40:75:72:7e:f0:a7:c7:21:
         27:99:fc:ce:79:9c:8e:52:b5:6e:b1:9f:32:b7:04:7c:e9:c6:
         3f:29:5f:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNQJltzdNfeotKYOfenKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODM0NjhhZDE2ZTY5OThkNGRiNzc2OWJlZmJmYTA2ZWEx
ZjEzNDIwHhcNMjYwMzAyMTEwMDM1WhcNMjYwMzAzMTEwMDM1WjAzMTEwLwYDVQQD
EygwNjc5N2NmZTRhNTQ3ODIzOTM4NGVmY2U3MGE4ZGU0N2Y5Mjc1MDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyL4Rv5j0DnoLyfLyOUh502NMZAp
RzmiHctwSJYVjghvjJTOseMmjFSCXlTq/hX8FperaoGZ8qgIFKFdI8tCWxyNwPRU
t4JwtPNnj4oRiT+o8EYn3JDFQTigPHRZ+newKNL8qUSbSBsMP4r0fO7f2xxjUeW2
Q6PJBcz6y9vYdl/cEn6W6/9BGqrUhznn2UC749/yoTjkQWLkd0+wqZovMfOatXjG
7fHVNm8BY4dbucUBPn4cgynpaSSBzMZeh577rNg0qDcDwkTX65+S/MzbzwYzMLmV
ils7UhxCcTnam+m1zXFsDjc2kjXbOBYfJPt45zgbQ+fw1tRe4DRkBJyFcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZ5fP5KVHgjk4TvznCo3kf5J1CeMB8GA1UdIwQY
MBaAFKGDRorRbmmY1Nt3ab77+gbqHxNCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODlkMDUtMWIxNC00ZjliLThlN2Mt
MzcxYWM3YzY1NGRhLzEvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODlkMDUtMWIxNC00ZjliLThlN2MtMzcxYWM3YzY1NGRh
LzEvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA5EZCZl5
QQ++IzJrX06JxguPYJJFThpcFCu9AblmxtGw/zgVUzQemS3Bie/QotE8UnYe4yZr
BKuZGaj4cSUbU/v8up4eFV6pZHd+70nFWvX6g3HOmAMhdmytsjdrXNVs4cS0Q5ea
fVnEVYVVoRxc0YWl+WcBgXwcZN/XHzkAlaIHzFkhAHEKOZEBTfQr3r3ZgUcOewUf
LFfW2OPrBqYiSgw41yYlfJ0KXdxiI2Slhgx/urNavDSjf/wInI55Ki17qFOkSGj0
9xKX/x5FMHThNP/dNaDXszRbFHuBh0cmAfvUJkB1cn7wp8chJ5n8znmcjlK1brGf
MrcEfOnGPylfJg==
-----END CERTIFICATE-----